As of August 2020 the site you are on (wiki.newae.com) is deprecated, and content is now at rtfm.newae.com.

Difference between revisions of "Tutorial P1 Using a Custom Trigger"

From ChipWhisperer Wiki
Jump to: navigation, search
Line 88: Line 88:
 
Run the <code>Project>Example Scripts>ChipWhisperer-Lite: AES SimpleSerial on XMEGA</code> script. We will modify some of the settings.
 
Run the <code>Project>Example Scripts>ChipWhisperer-Lite: AES SimpleSerial on XMEGA</code> script. We will modify some of the settings.
 
</li>
 
</li>
 +
The modifications to the settings will allow us the use stream mode while manually sending a plain text for encryption. We will then look at the stream data and identify where the encryption takes place and what it looks like.
 
<li>
 
<li>
Under the <b>Scope Settings</b> find the <b>ADC Clock</b> section. Here change the <b>Source</b> setting to <b>CLKGEN x1 via DCM</b>
+
Under the <b>Scope Settings</b> find the <b>ADC Clock</b> section. Here change the <b>Source</b> setting to <code>CLKGEN x1 via DCM</code>. The <b>ADC Sample Rate</b> field should auto-populate to <b>7.3846 MS/s</b> or a number approximately equal. If the sampling rate is above 10 MS/s the streaming mode will not work as the buffer in the FPGA will overflow.
 +
<br>
 +
[[File:ADC Clock.PNG]]
 
</li>
 
</li>
 +
<li>
 +
Under the <b>Scope Settings</b> find the <b>Trigger Setup</b> section. Enable <b>Stream Mode</b>. The <b>Mode</b> field needs to be set to <code>low</code> so the sample capture starts right away because the target does not set the trigger line to high anymore during encryption.
 +
</li>
 +
<li>
 +
Under the same section change the <b>Total Samples</b> field to <code>11000000</code>. This will give use a window of approximately 1.5 seconds to send a plain text and capture the power measurements during encryption.
 +
</li>
 +
Note: The <b>Timeout (secs)</b> field needs to be set greater than the time it needs to stream the samples and a little additional time to allow for hardware communication. For example: 11 million samples take about 1.5 seconds at the sampling rate of 7.3MS/s so this field should be set to <code>2</code> seconds. You can set it higher if needed.
 +
 
</ol>
 
</ol>

Revision as of 05:59, 24 May 2017

This page is in progress

This tutorial will explore the ChipWhisperer Pro's custom trigger and stream features.

Prerequisites

This tutorial can only be completed using the CW1200_ChipWhisperer-Pro. The ChipWhisperer software and its prerequisites should be installed and the CW1200_ChipWhisperer-Pro and hardware should be connected to each other and your computer. If not, this is the page for you: Installing ChipWhisperer. This tutorial is an extension of Tutorial B1 Building a SimpleSerial Project and Tutorial B5 Breaking AES (Straightforward), which should be completed first for better understanding.

Introduction

Unique to the CW1200_ChipWhisperer-Pro's more advanced FPGA, the stream feature allows continuous power measurement data streaming, removing the upper limit (due to a smaller FPGA) of total samples possible. This allows to you to continuously stream data for a time period in which you can manually send data to the target to record the power response. You can later find the subsection of sample points in the streamed power trace that correspond to the encryption of data. You can now use a subsection of 128 sample points to create a custom trigger using the sum of differences (TODO: link to subsequent section). This eliminates the need for the target to have a code that signals the ChipWhisperer when encryption begins. The subset of points for triggering is chosen by you, so anything is possible... We will explore one possibility in this tutorial.

Building the Target Code

We will begin by modifying the simpleserial-aes.c code with a editor of your choice.

  1. Navigate to the ChipWhisperer installation directory and find the simpleserial-aes folder, the folder is in the ...\chipwhisperer\hardware\victims\firmware directory. The beginning of the file path may be different depending on the installation directory.
  2. Copy the simpleserial-aes folder into the same directory and rename it as you see fit. For example: simpleserial-aes-stream.
  3. Now open the simpleserial-aes-stream folder and rename the simpleserial-aes.c file to match the directory name change. For example: simpleserial-aes-stream.c
  4. Open the simpleserial-aes-stream.c file in the text editor of your choice and find this section of the code near the top.
    /**********************************
     * Start user-specific code here. */
    
    uint8_t get_pt(uint8_t* pt)
    {
    	trigger_high();
    	aes_indep_enc(pt); /* encrypting the data block */
    	trigger_low();
    	simpleserial_put('r', 16, pt);
    	return 0x00;
    }
    
    /* End user-specific code here. *
     ********************************/
    
  5. Modify this code by commenting out the trigger_high(); and trigger_low(); to remove the signal produced by the target to tell the ChipWhisperer it is starting the encryption process. Your c code should look like this:
    /**********************************
     * Start user-specific code here. */
    
    uint8_t get_pt(uint8_t* pt)
    {
    	//trigger_high();
    	aes_indep_enc(pt); /* encrypting the data block */
    	//trigger_low();
    	simpleserial_put('r', 16, pt);
    	return 0x00;
    }
    
    /* End user-specific code here. *
     ********************************/
    
  6. Save this code, and then find the makefile file and open it in a text editor of your choice. Find this piece of code near the top:
    # Target file name (without extension). 
    # This is the base name of the compiled .hex file.
    TARGET = simpleserial-aes
    
    # List C source files here.
    # Header files (.h) are automatically pulled in.
    SRC += simpleserial-aes.c 
    

    Change the TARGET = simpleserial-aes line to TARGET = simpleserial-aes-stream and the SRC += simpleserial-aes.c line to SRC += simpleserial-aes-stream.c

  7. Open your command line in the simpleserial-aes-stream directory and run the make command for the correct target. For example: for the XMEGA run make PLATFORM=CW303. This will create a .hex file in the same directory. This step requires avr-gcc to be set-up and added to your system path. If you have not done this go back to Installing ChipWhisperer under the Required Tools dropdown.
  8. Next open the ChipWhisperer software. Hopefully you know how to do this by now.
  9. Run the Project>Example Scripts>ChipWhisperer-Lite: AES SimpleSerial on XMEGA script. We will modify some of the settings.
  10. The modifications to the settings will allow us the use stream mode while manually sending a plain text for encryption. We will then look at the stream data and identify where the encryption takes place and what it looks like.

  11. Under the Scope Settings find the ADC Clock section. Here change the Source setting to CLKGEN x1 via DCM. The ADC Sample Rate field should auto-populate to 7.3846 MS/s or a number approximately equal. If the sampling rate is above 10 MS/s the streaming mode will not work as the buffer in the FPGA will overflow.
    ADC Clock.PNG
  12. Under the Scope Settings find the Trigger Setup section. Enable Stream Mode. The Mode field needs to be set to low so the sample capture starts right away because the target does not set the trigger line to high anymore during encryption.
  13. Under the same section change the Total Samples field to 11000000. This will give use a window of approximately 1.5 seconds to send a plain text and capture the power measurements during encryption.
  14. Note: The Timeout (secs) field needs to be set greater than the time it needs to stream the samples and a little additional time to allow for hardware communication. For example: 11 million samples take about 1.5 seconds at the sampling rate of 7.3MS/s so this field should be set to 2 seconds. You can set it higher if needed.